By Corey Hamilton, Global Financial Services Leader, Security Services at IBM
By Corey Hamilton, Global Financial Services Leader, Security Services at IBM
Financial services institutions are some the heaviest investors and users of security controls, largely driven by stringent regulatory and compliance requirements. As a result, this sector has elevated itself to one of the most secure verticals in the world. However, these organizations remain a top target for cybercriminals chasing high reward pay days given the sensitive nature of the data they manage and their integral role in our global economy. In fact, a recent IBM X-Force report found that this industry was the 2nd most attacked in 2021.
These persistent and novel attacks have led to higher costs of breaches for financial services organizations. According to IBM’s 2022 Cost of a Data Breach Report, the average cost of a data breach in financial services was $5.97M, 13% higher than the $4.35M global average. The study also found that cybercriminals are diversifying their methods of attacks to find a way into these organizations, with attack vectors ranging from compromised credentials (19%), phishing (16%) and cloud misconfiguration (15%). This demonstrates that attackers are becoming more sophisticated in their methods.
The data in this report reveals there is more work to be done to thwart these attackers and mitigate the rising cost of data breaches. There are several ways banks and financial services organizations can do this, including:
Adopt a zero-trust security model to help prevent unauthorized access to sensitive data.
Results from the study showed that while just 41% of organizations have implemented a zero-trust security approach, they had a potential breach cost saving of USD 1.5 million with a mature deployment. As organizations incorporate remote work and hybrid multicloud environments, a zero-trust strategy can help protect data and resources by limiting their accessibility and requiring context before granting access.
Security tools that can share data between disparate systems and centralize data security operations can help security teams detect incidents across complex hybrid multicloud environments. You can gain deeper insights, mitigate risks and accelerate response with an open security platform that can advance your zero-trust strategy. At the same time, you can use your existing investments while leaving your data where it is, helping your team become more efficient and collaborative.
Tackle the root cause of data breaches by investing in security training and awareness.
One of the principle causes for data breaches is due to human error, accounting for 33% of breaches for financial services, followed only by malicious attack, which accounted for 45% of data breaches. The figure around human error is as high as we’ve ever seen it, an increase in 8% compared to 2021’s figure of 25%. Staffing and expertise shortages, the great migration, remote work, and organizations digitizing their operations are large reasons as to why we are seeing such a high rate of human error.
Given this finding, it is vital that your organization invest in educating employees on phishing, scams, and malware-facilitated cybercrime. Every organization has security training at least once a year, but that isn’t enough to thwart sophisticated attackers who are using a broader range of attack methods than ever before. Investing in training will help employees identify and shut down attacks at a faster rate.
Implement artificial intelligence to close cybersecurity skills gap.
According to the Cost of a Data Breach Report, 41% of financial services organizations have fully deployed security automation, up from 28% in 2021. Automation is being leveraged in this industry more so than in other sectors, like energy and manufacturing. This has only further accelerated throughout the past two years given the number of banks and financial services organizations that have transitioned their data to the cloud and are automating their operations.
Artificial intelligence can be beneficial for a variety of reasons. The technology can extract features and patterns, improve decision making and detect unknown threats. It can help with reasoning, including showing evidence of breaches, help with remediation planning and possible outcomes, and anticipate new threats and next steps. Further, this technology can reduce human analyst burden and decrease reaction time, lessening human error.
We have seen real gains by banks and financial services organization who are investing in this technology. The Cost of a Data Breach Report found that there was a USD $1.2M cost savings for organizations who fully deployed automation vs. the global average of the cost of a data breach. It also found that financial services organizations took fewer days to identify and contain a breach, 183 and 52, compared to the industry average of 207 days to identify and 70 days to contain.
Create and test incident response playbooks to increase cyber resilience.
Two of the most effective ways to mitigate the cost of a data breach are forming an incident response (IR) team and extensive testing of the IR plan. Breaches at organizations with IR teams that regularly test their plan saw USD $2.66M in savings compared to breaches at organizations with no IR team or testing of the IR plan. Organizations can respond quickly to contain the fallout from a breach by establishing a detailed cyber incident playbook. Routinely test that plan through tabletop exercises or run a breach scenario in a simulated environment such as a cyber range.
Opt for specialized clouds.
Specialized clouds take specific requirements dictated by regulation and privacy mandates for regulated industries into consideration. For financial institutions, for example, they are designed to build trust and have specific features for security, compliance, and resiliency that financial institutions require. They are managed by professionals that understand the unique challenges each industry faces so organizations can confidently host their mission-critical applications in the cloud and transact quickly and efficiently.
In summary.
Financial organizations are facing many headwinds today, from inflation to employee retention and persistent attacks against their organization. However, investing in exponential technologies, like cloud and AI, and training employees on best practices around them can be a vector to help protect against these challenges. This will ensure you are giving employees new knowledge and skill sets, safeguarding sensitive data in the face of malicious attackers, and fighting against the rising cost of data breaches.
A data breach occurs when unauthorized individuals gain access to sensitive data, often leading to data theft or exposure of personal information.
A zero trust security model is a cybersecurity approach that requires strict identity verification for every person and device trying to access resources on a network.
Artificial intelligence in cybersecurity refers to the use of machine learning and algorithms to detect and respond to threats, automate security processes, and enhance overall security posture.
Incident response is a structured approach to managing and addressing security breaches or cyberattacks, aiming to minimize damage and recover quickly.
Specialized clouds are cloud computing environments tailored to meet specific regulatory and compliance requirements of certain industries, such as financial services.
Explore more articles in the Finance category
